[Mimedefang] Tweaking Sendmail's HELO
Philip Prindeville
philipp_subx at redfish-solutions.com
Mon Mar 6 12:40:59 EST 2006
I was wondering about how the milter code works in Sendmail,
and the fact that if the filter_helo() rejects the message, then HELO
still responds with 250 and moves to the next stage, but when
a EXPN or MAIL FROM: is seen, then Sendmail gives the
error status from the previous HELO rejection.
Given that a filter_helo() rejection typically isn't going to be given
to a legitimate mailer to begin with, but to a ratware client, strict
conformance with the standard wouldn't seem to be that important.
Further, if the client that you've just rejected from the HELO command
is known to be a virus that will attempt to exploit your machine (say
by a buffer overflow in the next command, i.e. a VRFY/EXPN/MAIL
FROM command), then it seems to me you have an interest in failing
the HELO command right away.
Anyone familiar enough with the srvrsmtp.c code to recommend a
patch that would allow immediate failure of the filter_helo() response
rather than waiting for the next transition in the state machine?
Thanks,
-Philip
More information about the MIMEDefang
mailing list